Monday, October 15, 2012

  • Monday, October 15, 2012
  • Elder of Ziyon
From PC Magazine:
Researchers have uncovered a new virus with ties to the Flame and Gauss malware. According to Kaspersky Lab, its latest discovery has "many similarities to Flame," prompting researchers to dub it miniFlame.

"MiniFlame is in fact based on the Flame platform but is implemented as an independent module. It can operate either independently, without the main modules of Flame in the system, or as a component controlled by Flame," Kaspersky said in a blog post.

MiniFlame was uncovered in July 2012, but has apparently been in development for several years. Kaspersky believes there are dozens of different miniFlame modifications; at this point, the firm has identified six.

While Flame and Gauss hit a large number of targets, miniFlame appears to be focused on a few systems in Western Asia. "This indicates that [miniFlame] is a tool used for highly targeted attacks, and has probably been used only against very specific targets that have the greatest significance and posing the greatest interest to the attackers," Kaspersky said.

MiniFlame also does not appear to be targeting a specific region. Flame was mostly focused in Iran and Sudan, while Gauss had a major presence in Lebanon. Different miniFlame variants, however, have clustered in regions like Lebanon and Palestine as well as Iran, Kuwait, and Qatar.

"If Flame and Gauss were massive spy operations, infecting thousands of users, miniFlame/SPE is a high precision, surgical attack tool," Kaspersky said.

MiniFlame, however, can be used in conjunction with its larger counterparts, like Gauss. "As many readers will remember, it has been assumed that Flame and Gauss were parallel projects that did not have any modules or C&C servers in common," Kaspersky said. "The discovery of miniFlame, which works with both these espionage projects, proves that we were right when we concluded that they had come out of the same 'cyber-weapon factory."

Kaspersky uncovered Flame in late May, and said at the time that it "might be the most sophisticated cyber weapon yet unleashed." Flame can sniff network traffic, take screenshots, record audio conversations, intercept a keyboard, and more. All of this data is then available via Flame's command-and-control servers.

Gauss, meanwhile, was uncovered in August and is a cyber threat targeting users in the Middle East that is intended to steal personal details, like banking information. Gauss includes a module - known as Godel - that has an encrypted payload, which Kaspersky found difficult to crack. Ultimately, it asked the security community for assistance.
Russian company Kaspersky, which has effectively become Iran's cyber-defense contractor, linked Flame and Stuxnet previously.

It is widely assumed that these suites of computer malware were designed by Israel and the US.

AddToAny

EoZ Book:"Protocols: Exposing Modern Antisemitism"

Printfriendly

EoZTV Podcast

Podcast URL

Subscribe in podnovaSubscribe with FeedlyAdd to netvibes
addtomyyahoo4Subscribe with SubToMe

search eoz

comments

Speaking

translate

E-Book

For $18 donation








Sample Text

EoZ's Most Popular Posts in recent years

Hasbys!

Elder of Ziyon - حـكـيـم صـهـيـون



This blog may be a labor of love for me, but it takes a lot of effort, time and money. For over 19 years and 40,000 articles I have been providing accurate, original news that would have remained unnoticed. I've written hundreds of scoops and sometimes my reporting ends up making a real difference. I appreciate any donations you can give to keep this blog going.

Donate!

Donate to fight for Israel!

Monthly subscription:
Payment options


One time donation:

subscribe via email

Follow EoZ on Twitter!

Interesting Blogs

Blog Archive